Linux Kernel Null Pointer Dereference Vulnerability in Display Driver
CVE-2025-39820
Currently unrated
What is CVE-2025-39820?
A vulnerability in the Linux kernel's display driver pertaining to a null pointer dereference has been detected. This issue occurs within the drm_atomic_get_new_connector_state() function, which can return a NULL value when a connector is absent from the atomic state. This inadequacy can lead to system instability if not handled correctly. To address this, a null pointer check has been introduced, mirroring the implementation already established in the dpu_encoder_update_topology() function. This crucial addition prevents potential dereference of a NULL pointer, bolstering system reliability and security.
Affected Version(s)
Linux 1ce69c265a53c61c5c29f97f542ff89af3f3d7e7
Linux 1ce69c265a53c61c5c29f97f542ff89af3f3d7e7
Linux 6.15